An Italian security researcher this week has developed the first Web-based e-mail worm capable of taking advantage of cross site scripting(XSS) vulnerabilities in multiple Web-mail services. Rosario Valotta described the new form of worm on his blog. The proof of concept, called Nduja Connection, could spread faster than one targeting only a single Web-mail provider, he said.
E-mail worms propagate by extracting contact information from the address book of each infected user, and then sending out an e-mail with the worm payload to each contact -- a user needs only to open an infected e-mail message to spread the worm. Prior concept e-mail worms have been restricted to affecting only one e-mail client, however, the Nduja Connection worm has the potential to spread faster due to it's ability to infect users of four different Web e-mail clients.
Full story